Comment Re:I can summarize (Score 2) 48
That was true in the past, but it just isn't true of the recent progress in machine learning. Take a look at the data we've collected on problems like visual question answering, reading comprehension or learning to play Atari just by watching the screen, and you'll see that progress is happening in domains that either lack rigid rules, or where the rigid rules are non-trivial to discover.
Submission + - EFF launches new AI progress measurement project (eff.org)
Today we are launching a pilot project to measure the progress of AI research. It breaks the field into a taxonomy of subproblems like game playing, reading comprehension, computer vision, and asking neural networks to write computer programs, and tracks progress on metrics across these fields. We're hoping to get feedback and contributions from the machine learning community, with the aim of using this data to improve the conversations around the social implications, transparency, safety, and security of AI.
Submission + - EFF: Does DARPA's Cyber Grand Challenge Need A Safety Protocol? (eff.org)
Submission + - Anouncing Certbot: EFF's client for Let's Encrypt (eff.org)
Comment Re:interesting (Score 3, Informative) 63
Well, our source code is available so you can check that we do not monitor what you do with your privacy
Comment Re:doesn't work without javascript (Score 3, Informative) 63
Yes our simulation of third party tracking involves visiting three synthetic first party domains that share a third party tracker. That works if you have various types of blockers installed, or if JavaScript is disabled. But if you have a browser that both blocks JS and blocks redirects or blocks absolutely all loads of tracking domains (eg via an
We're going to provide a fingerprinting-only URL for Panopticlick 2 that works even for people with a NoScript + AdAway or NoScript + redirect blocking, will post a link on the site when it's ready.
Submission + - Is your browser safe from Web tracking? (eff.org)
Submission + - Let's Encrypt is now in Public Beta (eff.org)
Comment Re:Shared hosting... (Score 1) 212
We'll try to give site operators a configurable choice of multiple solutions -- certificates with multiple Subject Alternative Names (SANs); per-site certificates deployed using Server Name Indication (SNI); IPv4 addresses per site if you have enough; or IPv6 addresses per site.
All of these solutions have different problems and limitations:
- If mutliple-SAN certs get too large, they cause performance problems, and some clients may not be able to handle them
- SNI isn't supported by Safari and older IE on Windows XP, or more alarmingly by Android below 4.x
- IPv4 addresses are scarce and costly
- Many clients still can't route IPv6
Sophisticated hosting platforms may want to use all of these methods in combination.
Comment Re:quick question (Score 5, Informative) 212
Actually the US Department of Defense and dozens of other governments have their own CAs with which they could issue a certificate for your domain, if they wished to. Here's a map we made of them using our SSL Observatory datasets.
Nonetheless we should be able to use publication mechanisms such as Certificate Transparency to ensure that any compromise or compulsion of the Let's Encrypt CA could be quickly detected.
Submission + - Launching 2015: a new Certificate Authority to Encrypt the Entire Web (eff.org)
Submission + - EFF begins a Campaign for Secure and Usable Cryptography (eff.org)
Comment Re:HTTPS Doesn't Make a Browser Secure (Score 1) 2
Agreed, provocative headline aside, the post specifies that the kind of security we can deliver is protection against dragnet surveillance.
Mobile phones in general are not yet in a position to offer much host security against targetted attacks; they have unauditable basedband chips and carrier-controlled update mechanisms and very slow security update cycles.
Submission + - With HTTPS Everywhere, is Firefox now the most secure mobile browser? (eff.org) 2
Android users should install the Firefox app and then add HTTPS Everywhere to it. iPhone and iPad users will unfortunately have to switch to Android to get this level of security because Apple has locked Mozilla Firefox out of their platforms.